Job Overview/Summary: Would you like a challenging, exhilarating and rewarding job that makes the world a better place because of something you do every day? Would you be passionate about helping the world’s most vulnerable populations by safeguarding sensitive information and systems? Do you have a proven track record in information technology and security and eager to learn even more so you can fast track to an Information Security Officer Role with global authority? Do you thrive working hands on with enterprise class technologies and strive to solve complex business issues across a global workforce?
If so, we are hoping you will join us. We are looking for a Senior IT Security Engineer to lead IT security strategy, operations and compliance that measurably strengthens the IRC’s security. The ideal candidate is a proven IT and security technologist, critical thinker, and people motivator who excels at customer engagement. The Sr. Engineer collaborates closely with Enterprise ERP and core IT functions: infrastructure (network, servers, databases, cloud) and applications.
Major Responsibilities:
IT Security Operations and Incident Response
- Daily monitoring and management of all IT security systems and Integra; leads response to security incidents, including investigation, response, and resolution.
- Leads continuous vulnerability assessment or network perimeter and web applications.
- Supports IT audits to ensure compliance with security policies
- Leads development and implementation of an IT Business Continuity and Disaster Recovery plan / SOPs.
- Monitors information security intelligence and keep abreast of pertinent events, research, and developments
IT Security Systems Engineering and Implementation
- Continuously improves IT security system security design and operation; initial emphasis on Integra
- Assesses and develops improvements for technical security operations related to Azure AD, Office 365 Security and Compliance (Office 365 E3), Qualys, SQL, Box, Proofpoint, Sophos and other key security tools.
- Assesses environment for SIEM requirements, makes recommendations, and implements as appropriate.
- Ensures security technologies deployed are migrated into an operational status with appropriate ownership; creates and maintains documentation such as process flows and technical procedures, standards, etc.
- Supports compliance and audit reporting as required by IT Security Standards.
- Collaborates closely with multiple teams to develop and implement IT security standards / RACI.
Policy, Technical IT Standards and Compliance
- Drives ongoing enterprise policy development and maintenance; ensures policy complies with industry standards and regulations such as GDPR, DFID and NIST.
- Further develops and automates compliance and reporting function; conducts IT security audits.
Project Management
- Executes projects on time and with high quality
- Quickly identifies, develops and maintains critical relationships across multiple departments and geographies.
- Leads project planning and executes on time and in budget; report and escalate to management as needed
- Gathers requirements and defines projects according to IRC’s methodology; trainins IT SMEs.
Key Working Relationships:
Position Reports to: CISO
Position directly supervises: NA
Indirect Reporting: Regional and country program leadership, IT leadership, IRC privacy office
Other Internal and/or external contacts:
Internal: IT staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.
External: Industry/sector peers and vendors. Law enforcement if needed for incident response. Participates in / leads sector discussions of IT security related issues.
Job Requirements:
Education: Bachelor’s degree in an information systems-related field required. Master’s preferred.
Work Experience: 5-7 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems
Demonstrated Skills and Competencies:
- Proven hands on expertise, engineering, and implementation of enterprise class technologies including but not limited to firewalls, proxy servers, MS Exchange / Office 365, VPN, DLP, Active Directory endpoint security; Office 365 Azure and cloud security. Dynamic 365 and Fastpath significant plus.
- Expertise in deploying security features & products for cloud productivity software & services–O365 preferred.
- Facility for hands on operation of additional key IRC technologies such as KACE, Managengine, encryption, ServiceNow, SSO/SAML, SolarWinds, Nagios, Thycotic.
- Demonstrated capacity to exceed in a multinational organization, in at least 10 countries with 5,000+ staff.
- Demonstrated capacity to be a self-starter and work remotely with limited reliance on supervision
- Strong project management capabilities for engineering and deployment of IT/security products or as well as the organizational change management skills needed to drive organizational improvements.
- Excellent interpersonal skills required to help identify key relationships and to maintain them.
- Strong oral and written communications skills sufficient for senior level presentation and technical policy and standards development;
Language Skills: English required; French and Arabic a plus
Certificates or Licenses: CISSP, CISSP/ITIL or others, which support adequate aptitude to design, deploy and operate IT security solutions; CISSP strongly preferred.
Working Environment: Standard office work environment; work location may be another IRC office.
Travel: up to 15%; two trips annually to NYHQ.
- Lebanon
- Beirut
The IRC and IRC workers must adhere to the values and principles outlined in IRC Way - Standards for Professional Conduct. These are Integrity, Service, and Accountability. In accordance with these values, the IRC operates and enforces policies on Beneficiary Protection from Exploitation and Abuse, Child Safeguarding, Anti Workplace Harassment, Fiscal Integrity, and Anti-Retaliation.
Please submit your application before January 20, 2020 on https://rescue.csod.com/ats/careersite/jobdetails.aspx?site=1&c=rescue&…
Only short-listed candidates will be contacted.